CVE-2006-6333

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

06/12/2006

Last modified:

09/04/2025

Description

The tr_rx function in ibmtr.c for Linux kernel 2.6.19 assigns the wrong flag to the ip_summed field, which allows remote attackers to cause a denial of service (memory corruption) via crafted packets that cause the kernel to interpret another field as an offset.

Impact

Vector 2.0

AV:N/AC:L/Au:N/C:N/I:N/A:C CVSS v2.0 Severity and Metrics:

Base Score: 7.80 HIGH
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Attack Vector (AV): Network
Attack Complexity (AC): Low
Authentication (Au): None
Confidentiality (C): None
Integrity (I): None
Availability (A): Complete

Base Score 2.0

7.80

Severity 2.0

HIGH

Vulnerable products and versions

CPE	From	Up to
cpe:2.3:o:linux:linux_kernel:2.6.19:::::::*

To consult the complete list of CPE names with products and versions, see this page

References to Advisories, Solutions, and Tools

http://secunia.com/advisories/23254
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba%3Dblobdiff%3Bh%3D0d97e10ccac580e16d3dffbe4a9a88144360e64a%3Bhp%3Dbfe59865b1dd50e5c4dbd4cefe506a31e1495a1a%3Bhb%3Dee28b0da1069ced1688aa9d0b7b378353b988321%3Bf%3Ddrivers/net/tokenring/ibmtr.c
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba%3Dcommit%3Bh%3Dee28b0da1069ced1688aa9d0b7b378353b988321
http://www.securityfocus.com/bid/21490
http://www.vupen.com/english/advisories/2006/4907
http://secunia.com/advisories/23254
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba%3Dblobdiff%3Bh%3D0d97e10ccac580e16d3dffbe4a9a88144360e64a%3Bhp%3Dbfe59865b1dd50e5c4dbd4cefe506a31e1495a1a%3Bhb%3Dee28b0da1069ced1688aa9d0b7b378353b988321%3Bf%3Ddrivers/net/tokenring/ibmtr.c
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba%3Dcommit%3Bh%3Dee28b0da1069ced1688aa9d0b7b378353b988321
http://www.securityfocus.com/bid/21490
http://www.vupen.com/english/advisories/2006/4907